Week 43 in Review – 2010

Events Related:

ToorCon related news

Some Results from the ToorCon Security Conference – connectedinternet.co.uk
Hackers, security researchers at the ToorCon security conference in San Diego showed how easy it can be to poke holes in hardware and software with the right combination of tools, know-how, and good old-fashioned cat curiosity.

ToorCon: New Apps, Old Infrastructure Make Toxic Brew – threatpost.com
In a variety of ways, experts at this weekend’s ToorCon Conference warned that the tidal wave of new devices and Web-based services is straining an already aging Internet infrastructure, with privacy and security as the first victims.

Nmap Scripting and Pcap Analysis – securityaegis.com
There were a lot of really great talks at Toorcon, and two of my best friends, David Shaw of Redspin and Nate Drier of Spiderlabs, were kind enough to send me their video and slides.

Hardware Will Cut You (video) – adafruit.com
The hardware design process is fraught with pitfalls, from library component sketchiness, parts availability, erroneous data sheets, underestimates of complexity and long lead times.

pci dss v2.0 released – terminal23.net
The PCI Council has released PCI DSS v2.0 along with a doc of the changes.

Exploitation 101 – cryptocity.net
This week’s homework is to find and exploit the security vulnerability in homework.exe, which is a simple server very similar to the demo.exe from class.

RSYaba Modular Brute Force Attacker – randomstorm.com
RSYaba is a tool to run brute force attacks against various services in a similar way to Hydra and Medusa. The tool was written after bad experiences at getting existing tools working correctly with HTTP and SSH, so it was decided to make a tool that would be easier to configure.

Firesheep makes cookies crumble
In roughly 24 hours, Firesheep has been downloaded more than 104,000 times, as would-be hackers — or the merely curious — downloaded the Firefox extension to test the exploit.

Fireshepard – notendur.hi.is
The program kills the current version of FireSheep running nearby, but the user is still in danger of all other session hijacking mechanisms. Do not do anything over an untrusted network that you cannot share with everyone.

Update: LoadDLLViaAppInit – didierstevens.com
This new version of LoadDLLViaAppInit allows you to load more than one DLL inside a process. You separate the DLL names with a semi-colon (;).

GMER – gmer.net
GMER is an application that detects and removes rootkits.

Websecurify Security Testing Runtime – code.google.com/p/websecurify/
Websecurify is a powerful web application security testing platform designed from the ground up to provide the best combination of automatic and manual vulnerability testing technologies.

Evilgrade 2.0 – the update exploitation framework is back – infobytesec.com
This framework comes into play when the attacker is able to make traffic redirection, and such thing can be done in several ways such as: DNS tampering, DNS Cache Poisoning, ARP spoofing, Wi-Fi Access Point impersonation, DHCP hijacking with your favorite tools.

The Sleuth Kit – sleuthkit.org
The Sleuth Kit can be used with The Autopsy Forensic Browser, which can be downloaded here.

Bluelog – digifail.com
Bluelog is a Linux Bluetooth scanner written to do a single task: log devices that are in discoverable mode.

SIP Inspector – sites.google.com/site/sipinspectorsite/
New version (1.22) is just released.

Techniques:

More about ATI 6XXX – golubev.com
It turns out that even Catalyst 10.6 can compile code for mysterious ISA id=15 and resulting disassembly looks very interesting — T unit indeed gone from ATI’s thread processors and XYWZ units now can process instructions they weren’t able to handle before, like 32-bit integer multiplies.

ZigBee Lab – digitalbond.com
We purchased the ETRX3DVKA357 Developers Kit from Telegesis. It contains a number of ZigBee modules, a ZigBee USB adapter, three developer (dev) boards and software.

Analysis of a UDP worm – sensepost.com
From time to time I like to delve into malware analysis as a pastime and post interesting examples, and recently we received a malware sample that had a low-detection rate.

BIOS Password Backdoors in Laptops – dogber1.blogspot.com
When a laptop is locked with a password, a checksum of that password is stored to a sector of the FlashROM – this is a chip on the mainboard of the device which also contains the BIOS and other settings, e.g. memory timings.

JSREG BYPASSES – thespanner.co.uk
Another clever trick: the string is placed inside of an array, and when the eval function is called it used to check the object type; if it was a string then it rewrote the code, if not it was assumed to be an already rewritten string. However, I didn’t expect an array to be used in this context, so this would effectively bypass the sandbox.

Vulnerabilities:

Here we go again: Adobe has a new zeroday
Adobe says that version 10.1.85.3 and earlier of Flash Player for the Windows, Macintosh, Linux and Solaris operating systems are vulnerable.

VIDEO: Cross-platform malware runs on Windows, Mac and Linux – sophos.com
We made a quick video demonstrating the much-talked-about “Boonana” malware threat, also being compared to Koobface as it appears that cybercriminals have been distributing links to it via Facebook, tempting unsuspecting users with the promise of a video.

Vendor/Software Patches:

Critical Fixes for Shockwave, Firefox – krebsonsecurity.com
Adobe Systems pushed out a critical security update for its Shockwave Player that fixes nearly a dozen security vulnerabilities.

Other News:

iPhone Jailbreak Tool Sets Stage for Mobile Malware – threatpost.com
The success of a group of hackers in compromising the security of Apple’s iPhone may set the stage for more malware for the popular handset, including rootkit-style remote monitoring tools and data stealing malware.

SCADA Vendors Still Need Security Wake Up Call – threatpost.com
Speaking at the ToorCon Security Conference in San Diego, Jeremy Brown, a vulnerability researcher at security firm Tenable, said that many SCADA software vendors lag far behind other IT firms in vulnerability research and lack even a basic awareness of modern security principles.

The Long Tail of Information Security – secmaniac.com
I wanted to blog about it because the talk itself resonated with me and directly correlates to a previous post on the current state of penetration tests.
